Current revision

The New Model

Considering the requirements in the previous sections, I would like to propose the following
payment model for card-not-present transactions. Let’s begin by walking through an example
e-commerce transaction within the new model at a high level:

1. A consumer sends order information to both the merchant and the issuing bank in a
common format.

2. When the merchant receives the order information from the consumer, the merchant
authenticates with its acquiring bank and sends order information to the bank in a one-
way hash.

3. Upon successful authentication, the acquiring bank signs the hashed value of the order
information and sends this value to the issuing bank over the card network.

4. The issuing bank verifies the signature of the acquiring bank and creates a one-way hash
of the order information sent by the consumer. It then compares the hashes, which should
match, in order to verify the order.

5. If the issuing bank successfully verifies both the acquirer’s signature and the consumer
order information, the issuing bank sends a virtual card number to the consumer with a
limit equal to the amount of the consumer order info.

6. The consumer submits payment information to the merchant using a virtual card account.
The steps are illustrated in Figure 5-2.

This fairly simple six-step process meets all of our requirements and will prevent a single
compromise of any of the numerous systems that process the transaction from compromising
the overall consumer account. Although none of these security concepts are new to us in the
field of information security, they have not been used together effectively to secure modern
e-commerce transactions. I believe the simplicity of this approach is what makes it beautiful
and at the same time scalable to today’s environment. By melding a series of existing security
features and processes, we can fundamentally change the overall model, creating a hybrid that
is simple, secure, and beautiful.